Last Modified: Oct 13, 2023
Known Affected Versions:
Opened: Aug 16, 2021 Severity: 3-Major
Users are prompted to change their password when they should not be. The following errors are logged into /var/log/apm: Can't get PSO for domain 'TESTDOMAIN.LOCAL' Failed to get maximum password age from domain 'R4.RHA-RRS.CA' for user 'testuser@TESTDOMAIN.LOCAL'
Users are shown a prompt to change their password.
-- An Active Directory AAA server object with an admin account that does not have permissions to the active directory password policy. -- An Active Directory query object configured to warn the user about password expiration -- Attempt to logon to the virtual server with this access policy.
Disable the warning configuration from the Active Directory query object in the visual policy editor.